viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	414	436	1463	3	0	2020-10-26	103.224.182.207	Android

	tier	domain	count	registrar	name_servers	org
0	tier_1	puracandelatv.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
1	tier_1	secondnaturecd.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
2	tier_1	03calls.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
3	tier_1	ddiziizle.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
4	tier_1	ribbon-art.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
5	tier_1	benstreaming.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
6	tier_1	ecatomb.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
7	tier_1	a-doctor-in-the-house.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
8	tier_1	ptidico.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
9	tier_1	okuloncesiegitimi.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
10	tier_2	bidr.trellian.com	193	ABOVE.COM PTY LTD.	NS1.TRELLIAN.COM	REDACTED FOR PRIVACY
11	tier_2	us.redirectbuzz.club	108	Gandi SAS	ns-2.awsdns-00.com	PPCBUZZ
12	tier_2	trkads.info	81	DANESCO TRADING LTD	NS1.DIGITALOCEAN.COM	DANESCO TRADING LTD.
13	tier_2	google.com	81	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
14	tier_2	0redira.com	57	ABOVE.COM PTY LTD.	NS1.ABOVE.COM	REDACTED FOR PRIVACY
15	tier_2	recode.pw	32	Gandi SAS	NS-1611.AWSDNS-09.CO.UK	None
16	tier_2	amobil.online	22	Gandi SAS	NS-1714.AWSDNS-22.CO.UK	None
17	tier_2	technoblogs.net	21	GANDI SAS	NS-1196.AWSDNS-21.ORG	PPCBUZZ
18	tier_2	robocrafthq.com	15	GANDI SAS	NS-115.AWSDNS-14.COM	PPCBUZZ
19	tier_2	link.searchemoji.global	15	GoDaddy.com, LLC	NS03.DOMAINCONTROL.COM	None
20	tier_3	google.com_LOOP_1	81	None	None	None
21	tier_3	clk.news-headlines.co	30	None	None	None
22	tier_3	carsnspeed.net	26	GANDI SAS	NS-1120.AWSDNS-12.ORG	PPCBUZZ
23	tier_3	pes20.proasdf.com	20	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
24	tier_3	amobil.online	8	None	None	None
25	tier_3	samsung.com	8	None	None	None
26	tier_3	brainberries.co	8	GoDaddy.com, LLC	chuck.ns.cloudflare.com	Bedigital Corporation
27	tier_3	top.newshub.co.uk	6	OVH [Tag = OVH-FR]	p	None
28	tier_3	amazon.com	5	MarkMonitor, Inc.	NS1.P31.DYNECT.NET	Amazon Technologies, Inc.
29	tier_3	blog.sfgate.com	5	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.

	ip	hostname	city	region	org	postal	country_name	tier	count
0	103.224.182.207	lb-182-207.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_1	261
1	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	85
2	103.224.182.206	bidr.trellian.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	193
3	165.22.162.145	nan	Santa Clara	California	AS14061 DigitalOcean, LLC	95051	United States	tier_2	81
4	103.224.212.241	lb-212-241.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	57
5	209.132.243.15	nan	Wyoming	Michigan	AS7296 Alchemy Communications, Inc.	49509	United States	tier_2	26
6	204.44.79.214	204.44.79.214.static.quadranet.com	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	19
7	172.217.12.132	lga34s19-in-f4.1e100.net	Westbury	New York	AS15169 Google LLC	11590	United States	tier_2	16
8	130.211.115.4	4.115.211.130.bc.googleusercontent.com	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	14
9	66.232.112.84	66-232-112-84.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_2	14
10	66.232.112.85	66-232-112-85.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_2	14
11	66.232.112.75	66-232-112-75.static.hvvc.us	Denver	Colorado	AS29802 HIVELOCITY, Inc.	80210	United States	tier_2	14
12	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	85
13	162.243.10.151	nan	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	22
14	54.172.16.98	ec2-54-172-16-98.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_3	9
15	52.45.50.0	ec2-52-45-50-0.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_3	9
16	52.203.50.59	ec2-52-203-50-59.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_3	7
17	158.177.130.84	54.82.b19e.ip4.static.sl-reverse.com	Las Vegas	Nevada	AS36351 SoftLayer Technologies Inc.	89111	United States	tier_3	6
18	35.174.102.54	ec2-35-174-102-54.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_3	5
19	66.232.112.68	66-232-112-68.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_3	5
20	151.101.0.200	nan	Singapore	Singapore	AS54113 Fastly	048508	Singapore	tier_3	5
21	23.221.210.196	a23-221-210-196.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	5

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶